package com.usian.springsecuritydemo01.controller;

import com.usian.springsecuritydemo01.entity.UserInfo;
import org.springframework.security.access.annotation.Secured;
import org.springframework.security.access.prepost.PostFilter;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;

import java.util.ArrayList;
import java.util.List;

@RestController
public class LoginController {

    @RequestMapping("/test")
    public String login(){
        return "登陆成功";
    }

    @GetMapping("/index")
        public String index(){
            return "hello";
    }
    @GetMapping("/test/index")
    public String testindex(){
        return "success";
    }
    @PostMapping("/user/login")
    public String log(){
        return "login success";
    }

    @GetMapping("/hellose")
    @Secured({"ROLE_管理员","ROLE_admin"})
    public String testSecurity(){
        return "hello,security";
    }

    @GetMapping("/hellopro")
    @PreAuthorize("hasRole('ROLE_普通用户')")
    public String testhello(){
        return "hello,国强";
    }

    @RequestMapping("/getAll")
    @PreAuthorize("hasRole('ROLE_管理员')")
    @PostFilter("filterObject.username=='admin1'")
    public List<UserInfo> getAll(){
        ArrayList<UserInfo> list = new ArrayList<>();
        list.add(new UserInfo(1,"admin1"));
        list.add(new UserInfo(2,"admin2"));
        return list;
    }
}
